Menu

Chill Medicated Brand Logo

Privacy Policy


1. Introduction and Scope


This Privacy Policy explains how Chill Medicated collects, uses, and protects personal information when you access our website or use our services.”


2. Information We Collect


Clearly list the categories of personal data you collect, such as:

  • Personal identification details (name, date of birth)
  • Contact information (email, phone number, address)
  • Account credentials (username, encrypted passwords)
  • Transaction and order details
  • Payment information (processed securely via third-party providers)
  • Device and usage data (IP address, browser type, cookies)
  • Medical or health-related information, where required for lawful medical cannabis services


If health data is collected, explicitly identify it as sensitive information.


3. How We Use Personal Information


Explain the specific purposes for which data is used, including:

  • Providing medical cannabis products and related services
  • Verifying eligibility and compliance with medical regulations
  • Processing orders and payments
  • Communicating service updates or customer support responses
  • Improving website functionality and user experience
  • Marketing communications, where consent is provided
  • Legal and regulatory compliance


4. Legal Basis for Processing


Specify the lawful grounds for processing personal data, such as:

  • User consent
  • Performance of a contract
  • Compliance with legal or regulatory obligations
  • Legitimate business interests, where applicable


5. Cookies and Tracking Technologies


Disclose the use of cookies or similar technologies, including:

  • Purpose of cookies (analytics, functionality, security)
  • Third-party cookies, if any
  • How users can manage or disable cookies


6. Sharing and Disclosure of Information


Explain whether personal data is shared with:

  • Service providers and vendors
  • Payment processors
  • Regulatory or legal authorities when required
  • Business partners, only where legally permitted


State clearly whether personal data is sold or not.


7. Data Security


Describe the reasonable technical and organizational measures used to protect personal information, such as:

  • Encryption
  • Secure servers
  • Restricted access
  • Regular security reviews


8. Data Retention


State how long personal data is retained and the criteria used to determine retention periods, such as legal requirements or service needs.


9. User Rights


Inform users of their rights under applicable data protection laws, which may include:

  • Accessing personal data
  • Correcting inaccurate data
  • Requesting deletion or restriction
  • Withdrawing consent
  • Opting out of marketing communications


10. International Data Transfers


If data is transferred outside the user’s country, explain:

  • Where the data is transferred
  • Safeguards used to protect the data


11. Children’s Privacy


State that services are not intended for minors and that personal data of children is not knowingly collected.


12. Policy Updates


Explain how changes to the privacy policy will be communicated and how users can review the latest version.